TELECOM & TECH

It’s Your Data to Lose

Cyber disaster recovery planning is critical
By Tracy Barbour
Data is the modern oil, says Danny Maxwell, PMP, ITIL. And it’s essential that organizations recognize its value, protect it—and anticipate that it will have to be recovered some day.

That’s why it’s vitally important for businesses to have a backup and recovery strategy and documented plan, says Maxwell, the Anchorage-based territory director with Structured Communications Systems. Headquartered in Clackamas, Oregon, Structured Communications Systems is an IT consultancy and multi-cloud services provider that partners with companies nationwide. “In our experience, it is not a question of ‘if’ you need a plan but rather ‘when’ you’ll need to execute a recovery,” Maxwell says. “Attacks, deleted or compromised data, broken communication lines, etc., are an unfortunate reality of doing business in today’s ‘connected’ world. The more proactive and prepared a business can be determines how fast and effective the recovery process is accomplished.”

Cybersecurity threats are extremely serious—and growing. And cyber intrusions are becoming more commonplace, more dangerous, and more sophisticated, according to the FBI, which is the lead federal agency for investigating cyber attacks by criminals, overseas adversaries, and terrorists. Cyber crime is so prevalent that the FBI has cyber experts positioned in its field offices nationwide, including its Anchorage Division.

The collective impact of computer and network intrusions is staggering. Billions of dollars are lost every year repairing systems hit by cyber attacks. Some of the attacks take down vital systems: government agencies, hospitals, banks, and other businesses.

Where to Start
A cyber attack—or a natural disaster like the powerful November 30 earthquake that rocked Anchorage—can cause substantial hardware or software failure. But having a data backup or cyber disaster recovery plan can make it easier for a business to get back up and running after a catastrophic event.

When data is lost or compromised due to a cyber attack, natural disaster, or other calamity, companies generally have two options: recover the data from their last backup or recreate data if a backup isn’t available.

Thankfully, most companies with even a handful of employees on staff will have an IT person available to back up their critical systems and information, according to Glen Kratochvil, president of Alaska Computer Guy. Data recovery is something he holds close to his heart because he has lost years’ worth of information that could not be recreated. Such a catastrophic event can be as emotional as dealing with a house fire, and the experience can leave most people not thinking clearly, he says. “It’s not uncommon for people to call me very upset or crying when they’re in the middle of a data-loss emergency,” he adds. “If you have a recovery plan in place, you’re more likely to remain calm and not cause further harm. Knowing what to do when this happens can mean the difference between complete data recovery and having to rebuild years of company records from scratch.”

When a cyber disaster occurs, Kratochvil says, companies should start by calling a trusted computer technician or data recovery center and explain what happened. How the recovery process is handled will depend on the specifics that led to the loss. He explains: “Often this will include restoring information from backups or decommissioned computer systems; wiping affected systems and reinstalling; or [if there are no backups] recovering some critical data from old email attachments or data sent outside the company. If none of these exist, it may be necessary for companies to recreate data or accounting records from scratch, which can be costly, time-consuming, and lead to significant business interruptions.”

Alaska Computer Guy—which has been in operation since 2005—assists businesses statewide with all types of hard drive data recovery issues, often categorized as Level 1, 2, or 3.

Many people think that a hard drive failure is the only reason to keep a backup hard drive, but that’s not the case. “When an office is broken into and a computer is stolen, the thieves will take anything that is plugged into the computer, so if that’s your only backup, it just got stolen as well,” Kratochvil says. “The same is true for fire, earthquake, or water damage. Whatever affects one computer system will likely affect the backup that is attached to it.”

He adds: “Cyber criminals or viruses that compromise data on a computer will also infect or encrypt the data stored on an external hard drive that is plugged into it. Put some space between your backups for maximum protection.”

Problem Dictates Response
The time and expense required for data recovery are determined by the situation. Data recovery can be simple (the charging port on an old laptop is damaged and the laptop will not power on, but the hard drive and its data are undamaged) or complex (an encrypted file system with physical damage and misplaced or nonexistent recovery keys). The cost of data recovery per damaged or compromised device can range anywhere from $75 for simple data recovery to $2,000 or more for severely damaged hard drives that require clean room recovery in a lab, Kratochvil says.

Like Kratochvil, Maxwell says recovery doesn’t have to require an ultra-expensive solution. Being proactive and designing business systems with redundancy and recovery in mind will minimize time and expenses should an unfortunate disaster occur. “Today’s modern equipment, software, and available disaster recovery services provide many options and levels of recovery,” he says. “Businesses, small to large, need to recognize one of the most important assets is your data. Protect it accordingly.”

There are several steps that businesses should follow to recover from a major cyber disaster, Maxwell says. First, the IT staff should recognize the severity of the situation and notify upper management immediately. If need be, the company should call an expert to help assess the potential breach or data impact.

Then, if necessary, the business should disconnect its environment from outside communication, such as the internet. Next, the company should stop creating or changing its data. “Lock out internal users from accessing applications or shared files and directories,” Maxwell says.

After this, the type of “disaster” will determine the next steps, whether they be network changes, virus scans, or full data recovery procedures. “Management needs to take an active role in prioritizing what access, applications, or data needs to be recovered,” he says. “Structured offers the expertise and experience to be a passive, active, or combined resource in this process.”

Data recovery services providers typically categorize hard drive data recoveries as one of three levels:
Level 1: This is the lowest level, and it requires the least expertise and resources because the hard drive is still 100 percent functional. Level 1 problems are the result of deliberate damage, corruption, or deletion of all or part of a hard drive’s file system. Level 1 often involves issues such as deleting a file or folder, reformatting the hard drive, and restoring the operating system.
Level 2: With this category, the hard drive is not functioning properly, and the situation requires more expertise for resolution. Level 2 data loss situations are normally the kind of problems an end-user cannot solve. These issues often entail defective printed circuit board electronics, corruption to the drive’s firmware, or issues with full disk encryption or file encryption.
Level 3: These types of problems signify a major failure with the hard disk drive, which must be made functional again before data can be recovered. Typical complications relating to this level involve damaged head and disks, dropped hard drives, and fire or water damage. Level 3 means the hard drive will require extensive work in a sterile cleanroom to allow the best chance for data recovery.

Structured can facilitate multiple facets of remediation. For example, to help clients recover from a cyber attack, the company can provide a security review and remediation from a networking and internet access perspective. This includes identifying the specific breach and “plugging the hole.”

“Structured can assist with recovery, or ‘roll back,’ of your business data to a known good ‘state,’” Maxwell says. “This assumes you have a good backup strategy and ‘clean’ data at a point prior to the breach.”

In the event of a natural disaster, Structured can be on point to coordinate with multiple vendors to facilitate the restoration of phone services or network communications and assist with computer and application recovery. Basically, the company can serve as a one-stop resource for systems recovery. Maxwell explains: “Structured has local resources in Alaska to act quickly and competently. We also have access to many remote experts depending on the size and need of the recovery.”

Backup and Recovery Strategies
Cybersecurity and IT experts advise companies to be proactive and put a plan in place to facilitate the data recovery process. A key to ensuring a speedy recovery, Maxwell says, is knowing what data is being used to run the company. He elaborates: “Establish a value of that data. What is your hourly or daily business impact if your business is offline? Recognize that email may be one of your most important applications.”

Companies will likely have various levels of recovery needs, from least to most important. Once they establish their business priorities, Maxwell says, they can formulate strategies and plans. Depending on the application recovery need(s), businesses should consider the following strategies:

Basic off-site backups, either tape or replicated data

A passive disaster recovery site, either owned, leased, or cloud-based

Active recovery site (with live data ready for an immediate fail-over)

At the most basic level, Kratochvil says companies should always have three copies of their data, one original and two backups. “One backup should always be offline—not connected to a computer or the internet—and should be in a different physical location than the others [such as the owner’s home, a bank safe deposit box, or with a trusted employee off-site],” he says. “Rotate the off-site backup at least weekly or monthly to keep it current.”

For critical systems, a bare-metal backup or full-system image is a good resource to have. Acronis True Image is a software product that allows businesses to create full-system images that permit them to completely restore a computer—along with all the programs, software, and data—exactly as it was when the image was created. This can be incredibly valuable for computers that have important (or expensive) software installed on them, according to Kratochvil.

“I recently had a doctor contact me because one of his critical diagnostic computers had a hard drive spontaneously die on him with no warning signs,” says Kratochvil. “Fortunately, the doctor had made a full-system image using Acronis a few weeks earlier, and recovery was fast. Within three hours of his phone call to me, I had replaced the failed hard drive and restored the image, so the computer ran exactly as it did before the failure, and he lost a negligible amount of productivity because of the incident.”

He continues, “Without that full-system image backup, this incident would have caused the computer to be offline for at least a day or two while the computer was reconfigured, software was obtained, and everything was reinstalled.”

Kratochvil encourages businesses to automate or proceduralize their backup process as much as possible. Cloud backup solutions like Carbonite, iCloud, or CrashPlan make this easy. Once the software is installed, it works automatically and provides a set-it-and-forget-it type of solution.

But even with cloud backups, a local, off-site backup is still important for fast recovery, Kratochvil says. The cloud provider could go out of business or have a disaster in its data center. Or the business could encounter password/authentication problems that prevent access to its data in the cloud.

Some business owners assume that a good data backup and recovery plan will be too expensive to implement. But companies can put a rock-solid backup and recovery plan in place for less than $200, Kratochvil says. In fact, the easiest plan for a small- to mid-sized company or individual would be to buy two external USB hard drives and install free backup software from SyncBack Free. “Create a folder for each computer you plan to back up on the external hard drive and then rotate the hard drives weekly,” he says. “Keep one hard drive at the office and plugged in while the backups are taking place and keep the other hard drive off-site when not in use.”

He continues, “Either weekly or monthly swap the hard drives, so one is never more than a month old, and the other is always current. The reason to keep two hard drives—with one always unplugged—is because if you have a backup hard drive that is always plugged in, it is vulnerable to anything that happens to the computer it is plugged into.”
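The two-drive rotation only helps if the unplugged drive is intact and recent when it is finally needed. The Python sketch below is an added example, not part of the original article or of any product it names: it records a SHA-256 manifest when a backup finishes and re-checks the drive at each swap. The file name `MANIFEST.json`, the folder name `FRONT-DESK-PC`, and the 31-day threshold are assumptions made for illustration.

```python
import hashlib, json, tempfile, time
from pathlib import Path

MANIFEST = "MANIFEST.json"  # hypothetical file name, stored beside the backed-up files
MAX_AGE_DAYS = 31           # assumption drawn from "never more than a month old"

def _hashes(root: Path) -> dict:
    """SHA-256 of every file under root, keyed by relative path (manifest excluded)."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file() and p.name != MANIFEST}

def write_manifest(backup_dir, now=None) -> None:
    """Run right after a backup job finishes, while the drive is still plugged in."""
    root = Path(backup_dir)
    doc = {"created": time.time() if now is None else now, "files": _hashes(root)}
    (root / MANIFEST).write_text(json.dumps(doc, indent=1))

def verify_backup(backup_dir, now=None, max_age_days=MAX_AGE_DAYS) -> dict:
    """Run at each drive swap: re-hash the drive and compare it with its manifest."""
    root = Path(backup_dir)
    doc = json.loads((root / MANIFEST).read_text())
    recorded, current = doc["files"], _hashes(root)
    age_days = ((time.time() if now is None else now) - doc["created"]) / 86400
    report = {
        "missing": sorted(set(recorded) - set(current)),     # gone since the backup ran
        "altered": sorted(f for f in recorded
                          if f in current and recorded[f] != current[f]),
        "unexpected": sorted(set(current) - set(recorded)),  # appeared after the backup
        "age_days": round(age_days, 1),
        "stale": age_days > max_age_days,
    }
    report["ok"] = not (report["missing"] or report["altered"] or report["stale"])
    return report

def demo() -> dict:
    """Constructed sample: one computer's folder on a backup drive, then damage."""
    with tempfile.TemporaryDirectory() as tmp:
        pc = Path(tmp) / "FRONT-DESK-PC"   # one folder per computer (name is made up)
        pc.mkdir()
        (pc / "ledger.csv").write_text("date,amount\n2019-01-02,100\n")
        (pc / "clients.txt").write_text("constructed sample data\n")
        t0 = 1_700_000_000                 # fixed clock so the result is repeatable
        write_manifest(pc, now=t0)
        (pc / "ledger.csv").write_bytes(b"\x00garbled")  # simulate on-drive corruption
        (pc / "clients.txt").unlink()                    # simulate a lost file
        return verify_backup(pc, now=t0 + 40 * 86400)    # checked 40 days later

if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

Because the manifest sits on the same drive as the files it describes, keep a second copy of it somewhere else so that damage to both cannot go unnoticed.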

Expert Advice
Kratochvil urges businesses to be deliberate about their data backup and recovery plan—and get it in place before disaster strikes. They should not rely on a backup that they believe someone may have made a few months ago. And they should have an internal team member who is dedicated to ensuring backups are completed. “Even companies without a full- or part-time information technology manager need to designate a position whose job includes responsibility for maintaining backups,” he says.

Companies need to plan regular checkups (annually at least) to make sure their backup and recovery plan is followed. They should also know the location of their backups and the specific kind of protection that each type of backup provides. “An off-site backup kept at the owner’s home or a bank box will protect you even if an employee goes rogue and decides to cause a lot of harm to your network on his or her way out,” he says.

Maxwell says some of the best data backup and recovery advice is the simplest: plan, test, and review regularly. “If you’re not comfortable with this process, hire a professional,” he says.